[Openid-specs-ab] Issue #1611: PARM - Pushed Authorization Response Mode (openid/connect)
Kristina Yasuda
issues-reply at bitbucket.org
Sat Aug 27 03:02:25 UTC 2022
New issue 1611: PARM - Pushed Authorization Response Mode
https://bitbucket.org/openid/connect/issues/1611/parm-pushed-authorization-response-mode
Kristina Yasuda:
Placeholder issue. There used to be a proposal to define PARM - Pushed Authorization Response Mode \(name not final\). The idea was to enable AS/SIOP to send large responses by reference, just like the Client can pass requests with large sizes using PAR - Pushed Authorization Request via `request_uri`.
AS/SIOP would send `response_uri` to the Client in the response, Client can retrieve response object from the response\_uri.
Additional benefit was security, since what started as a cross-device flow could end as a same-device flow - the user would start the flow by scanning a QR code on another device, but would end on a device used to present the Credential which would open `response_uri`.
\(cc @Jeremy\)
More information about the Openid-specs-ab
mailing list